/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package assignment_cp3120.auth;

import assignment_cp3120.DAO.Factory.DAOFactory;
import assignment_cp3120.dataObjects.User;

/**
 *
 * @author Administrator
 */
public class Authenticate {
    
    private static final String USER = "User";
    private static final String ADMIN = "Admin";
    private static final String MANAGER = "Manager";
    private static final String INVALID = "INVALID";
    private static final String USER_NOT_FOUND = "User_not_found";
    
    private static User currentUser = null;
    private static String accessType;

    /**
     * Get the current user. Return a new user if the current user is null
     * @return
     * CurrentUser if not null else a new user
     */
    public static User getInstance() {
      if(currentUser == null) {
         currentUser = new User();
      }
      return currentUser;
    }
    /**
     * Function used to set the current user to the given user
     * @param user
     */
    public static void setInstance(User user) {
        currentUser = user;
    }
    /**
     * Default constructor is protected to prevent instatiation of this class
     */
    protected Authenticate() {
      // Exists only to defeat instantiation.
    }
    /**
     * This function is used to authenticate which level of access the user has.
     * If the user is Admin then he is also Manager and User
     * If Manager then he is also User
     * The function also loads a temp user with the passed username and checks the username and password.
     * Aslo sets the access level of this login
     * @param username
     * Username to check
     * @param password
     * Password to check
     * @param requestedAccessLevel
     * The access level they are trying gain access to
     * @return
     * True if authenticated
     */
    public static boolean authUser(String username, String password, String requestedAccessLevel){
        User tempUser = DAOFactory.getDAOFactory().getUserDAO().getUser(username);
        if (tempUser == null) {
            return false;
        }
        if(tempUser.getUsername().equals(username) || tempUser.getPassword().equals(password)){
            if(requestedAccessLevel.equals(USER)) {
                if(tempUser.isUser()
                        || tempUser.isManager()
                        || tempUser.isAdmin()){
                    accessType = USER;
                }
                else{
                    accessType = INVALID;
                }
            }
            else if(requestedAccessLevel.equals(MANAGER)){
                if(tempUser.isManager()
                        || tempUser.isAdmin()){
                    accessType = MANAGER;
                }
                else{
                    accessType = INVALID;
                }
            }
            else if(requestedAccessLevel.equals(ADMIN)){
                if(tempUser.isAdmin()){
                    accessType = ADMIN;
                }
                else {
                    accessType = INVALID;
                }
            }
            else{
                accessType = INVALID;
            }
        }
        else{
            accessType = USER_NOT_FOUND;
        }
        if(accessType.equals(INVALID) || accessType.equals(USER_NOT_FOUND)){
            return false;
        }else{
            return true;
        }
    }
    /**
     * Login a user with the given username. Authenticate.authUser should be called first.
     * Sets the current user to the username given to the function. This username is found in the data base and assigned as the currnet user
     * The function also sets the current users account type to accessType.
     * @param username
     * Username to login in
     */
    public static void login(String username){
        currentUser = DAOFactory.getDAOFactory().getUserDAO().getUser(username);
        currentUser.setAccountType(accessType);
    }
}
